Malice goes mainstream

Can something as commonplace as a Google search be hazardous to computer and network health?

Well, yes.

In November, links to fraudulent websites that delivered large payloads of malicious software, or "malware," including spyware, worms and trojans, polluted Google results pages.

Story continues below advertisement

Using botnets, which are networks of compromised computers remotely controlled by "bot herders," hackers were able to manipulate Google's rankings and place links to malicious websites near the top of search results pages. Someone searching for a firmware upgrade for their router might be greeted with several authentic-looking links to sites that would attempt to infect their system.

While the Google search example is just one of many high-profile Internet threats, it demonstrates the continuing evolution of cybercrime from mischief to big business, say security experts. And Canadian businesses are still taking a reactive approach to security rather than a preventative approach, finds a survey by security software firm Symantec Corp., 2007 Pulse of IT Security in Canada.

While once hackers sought status within their subculture by spreading worms or viruses that created disruptions, more and more of them are using malware to steal money or information. To make matters worse, cybercriminals are now marketing their wares by selling or leasing make-your-own malware kits that have the potential to balloon the number of threats on the Internet.

For example, a malware toolkit purportedly developed by a Russian group can be purchased online just like commercial software. Called MPack, the software can be used to exploit any number of vulnerabilities in Web browsers or to infect computers with keylogging software, which records a user's keystrokes. And, it comes with regular product updates and technical support. Bot herders, too, are profiting by leasing their botnets to other cybercriminals.

These tools allow those with even limited technical abilities to launch large-scale cyberattacks and partake in Internet-based crimes.

"In 2007, cybercriminals showed that they are [becoming]increasingly sophisticated and organized, having begun to adopt methods that are similar to traditional software development and business practices," says Dean Turner, director of Symantec's Global Intelligence Network.

According to Mr. Turner, who is also executive editor of Symantec's Internet Security Threat Report (ISTR), Symantec has seen an increase over the past two years in the commercialization of cybercrime.

Story continues below advertisement

Story continues below advertisement

The latest ISTR states 61 per cent of all disclosed vulnerabilities were Web application vulnerabilities, meaning cybercriminals no longer even need to actively target their victims. Instead, their victims come to them via compromised websites and applications.

This trend is bolstered, in part, by the rapid adoption of Web 2.0 technologies, say experts. Social networking sites and blogs are providing cybercriminals with access to large concentrations of computer users who implicitly trust the sites they are using.

"Malware writers consistently seek the easiest entry point into a network," says Mike Haro, senior security analyst at security firm Sophos. "The emergence of Web 2.0 has amplified the level of exposure by redefining how individuals interact with the Internet."

Although 2008 will see threats from more sophisticated and "intelligent" malware, Mr. Haro suggests that too many businesses still neglect baseline security measures.

This not only undermines IT security efforts, but also makes users with unprotected computers unwitting aids in the propagation of malware.

Experts repeat the old mantra: Users should install the latest computer updates and patches, keep security software up to date, and educate users on safe computing.

Story continues below advertisement

*****

Beware: malware

31

Percentage of respondents from the Symantec survey who reported viruses as daily occurrences

47

Percentage of respondents who estimate the cost to resolve a virus outbreak at less than $5,000

Story continues below advertisement

68

Percentage of respondents who spend less than 10 per cent of total IT budget on security

Tickers mentioned in this story

Data UpdateUnchecking box will stop auto data updates

Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

All comments will be reviewed by one or more moderators before being posted to the site. This should only take a few moments.

Treat others as you wish to be treated

Criticize ideas, not people

Stay on topic

Avoid the use of toxic and offensive language

Flag bad behaviour

Comments that violate our community guidelines will be removed. Commenters who repeatedly violate community guidelines may be suspended, causing them to temporarily lose their ability to engage with comments.

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.